The FBI issued an alert to businesses in July after unknown attackers breached a computer used to control the heating, ventilation and air conditioning (HVAC) system of a New Jersey company, accessing a graphical user interface for the system, including a floor play layout of the company’s office. The attacks came after an Anonymous affiliated hacker, using the handle @ntisec, published links to vulnerable ICS systems running software from the firm Tridium online. The links included the address of an administrative system that controlled the HVAC system used by US Business 1, a New Jersey company that installs air conditioning systems for other companies, according to a copy of the July, 2012 Situational Information Report (PDF), issued by the Newark Division of the FBI. The alert concerning the February and March, 2012 attack was released by the web site Public Intelligence on Saturday. The FBI did not respond to a request for comment from Security […]
Vulnerabilities
Web Attacks Target Foreign Exchange, Payment Processing Sites
A currency trading web site was compromised and used to serve malicious java applications to unwitting visitors, according to researchers at the security firm Websense- part of what might be a larger trend. Websense said in a blog post on Wednesday that the site tradingforex.com, which is used by foreign currency traders, was infected with a malicious Java applet that, when installed, key logging and screen capture software. Tradingforex.com (@Tradingforexxx) is a Cyprus-based online trading web site. It allows individuals to trade on the global foreign exchange market (or Forex). Users can trade everything from foreign currencies to precious metals, commodities and other financial instruments. According to an investigation by Websense researcher Gianluca Giuliani, the site was pushing a back door program to visitors using a malicious Java plugin to exploit known Java vulnerabilities on the victims’ computers. Further investigation by Websense and Giuliani revealed that the malware being pushed […]
Chrome 0Day A No-Show At Security Con
A planned talk that was to unveil a new and previously unknown (or “zero day”) vulnerability in Google’s Chrome web browser was cancelled on Saturday after the researcher, Ucha Gobejishvili, backed out, citing difficulties obtaining a visa to travel to New Dehli, India, where the Malcon hacking conference was held. The organizer of Malcon, Rajshekhar Murthy, confirmed in an email to Security Ledger that Gobejishvili cancelled his talk at the last minute. “(Ucha) did not come at (sp) the conference due to visa issues in the last minute,” Rajshekhar Murthy wrote in an e-mail to Security Ledger on Monday. “The issue stated was he was called in last minute (sp) by the military for compulsory service which conflicted with our event dates.” Gobejishvili did not respond to e-mail and instant message requests for comment. In a conversation with Security Ledger last week, he said he would use his talk at […]
Questions, Doubts greet Researcher’s Claim to have Chrome Zero Day
Google says that it will wait to see what transpires at a New Delhi hacking conference this week before responding to a researcher’s claim that he has discovered a remotely exploitable vulnerability in its Chrome web browser. Speaking with Security Ledger, Google spokeswoman Jessica Kositz said that the company was aware of claims by Georgian researcher Ucha Gobejishvili that he has discovered a previously unknown (zero day) security hole in Chrome and will demonstrate it at this week’s MalCon hacking conference. Gobejishvili described the security hole in Chrome as a “critical vulnerability.” “It has silent and automatically (sp) download function…and it works on all Windows systems” he told Security Ledger in an online chat session. While the Tbilisi-based researcher won’t say much about the hole, he told Security Ledger that he discovered it in July. The vulnerability is in a DLL (dynamic link library) that is part of the browser […]
Profile Poisoning the Next Frontier for Hackers
Google and Facebook already know everything about you – your interests, friends, tastes and even your movements. That’s already a privacy nightmare, but researchers at the Georgia Institute of Technology’s Information Security Center (GTISC) think it could soon be a security nightmare, also. Automated information systems already determine what version of the news most of us see. But researchers at Georgia Tech warn that the power of such systems to shape what each of us see online could soon become a powerful tool in the hands of sophisticated attackers, who might look for ways to manipulate victims’ online profile to steer them to certain sites, according to the report “Emerging Cyber Threats Reports 2013.” Researchers at Georgia Tech said attacks that manipulate a victim’s search history, part of their online profile, using cross-site request forgery are already technically feasible. In practice, they would allow for a kind of super-search engine […]
